Fun hacks, WP plugins, photography, and PKI junk. Languishing since 2008.
Archive for February, 2009
OpenSSL SAN/UCC Certificate Generation
Feb 28th
Signing a CSR containing subjectAltName (SAN/UCC) extensions isn’t hard, but can be a daunting challenge for the OpenSSL neophyte. We’re going to use the OpenSSL Self-Signed CA to accomplish this task in two ways.
Pre-Existing SAN CSREither you already have a SAN CSR from another source or you generated one using the tutorial from yesterday. Inside your myca.conf file you’ll need to add the following under the [ myca ] section.
copy_extensions = copy
Now you can simply sign the CSR using the method specified in the self-signed CA post and you’re all set.
Add SAN/UCC Extensions to Existing CSRTo accomplish this add the More >
Creating a SubjectAltName (SAN/UCC) CSR
Feb 27th
SAN certificates (or as Microsoft and others have taken to calling them, Unified Communications Certificates) are rapidly becoming a popular option for securing multiple domains. In fact, Exchange 2007, OCS 2007, and several other products now require UCC to function. However, this certificate type can proffer some advantages beyond that of a wildcard certificate as well. One such advantage is the ability to secure “domain.com”, “www.domain.com”, “domain.net”, and “someotherdomain.com” all within a single certificate.
SAN CSRs cannot be generated using the interactive prompt in OpenSSL so we’ll need to make a conf:
[ req ] default_bits = 1024 default_keyfile = privkey.pem distinguished_name More >
CDN Tools Initial Release
Feb 25th
I am pleased to announce the initial public release of CDN Tools, my latest Wordpress plugin!
What is CDN Tools?Well, it’s a Wordpress plugin that lets you load javascript files and your blog’s media (pictures, movies, audio, et cetera) to a content distribution network (CDN) to speed up page loading. You can load up all your javascript and media with a single click and then your media will be automatically sideloaded to the CDN after that. The plugin will operate totally transparently.
Do I need a CDN account?No! You can offload prototype and jQuery to Google’s servers with this tool More >
Code Signing for Mac OS X and Windows
Feb 22nd
Code signing is rapidly becoming an important part of application deployment on many platforms. On OS X it suppresses the keychain warnings when you update your application and on Windows it can bypass numerous UAC notifications as well as the initial application launch dialog. This can (sometimes drastically) improve the customer experience and reduce friction associated with your application. But how do you actually do it?
You can purchase a code signing certificate from any major CA, but for today we’re going to use the OpenSSL Self-Signed CA we created in a previous article.
First let’s create a code signing certificate (if you More >
Some Fidgetr Updates
Feb 8th
Since I released Fidgetr I’ve put up two small bugfix/feature enhancement releases. In no particular order:
- You can now use Flickr username or email to obtain your photostream. Previously only Flickr username was allowed.
- Substantial improvements to look and feel of the widget control in wp-admin. This should help reduce confusion.
- Several optimizations to reduce DB writes and queries to the Flickr API
- Reworked how the themes loop through the JSON object to avoid a bug with “undefined” entries when prototype is declared on the page.
Additionally, I’ve started some restructuring for the next release, which will include i18n support, more speed, and tweaks to More >